Several cloud vendors began responding to the Chip Kernel Vulnerability that has the enterprise reeling proper this second. Each Infrastructure as a Service vendor clearly has a stake proper right here on account of each one is selling CPU cycles on their platforms.

TechCrunch despatched a request for comment to six important cloud vendors along with AWS, Microsoft, Google, IBM, Rackspace and DigitalOcean. At the time of publication, we had heard straight from three of the companies: Microsoft, Rackspace and DigitalOcean. In the case of Google, we realized their response in a roundabout way by a printed weblog submit. We have not however heard from AWS or IBM.

Microsoft

“We’re aware of this industry-wide issue and have been working closely with chip manufacturers to develop and test mitigations to protect our customers. We are in the process of deploying mitigations to cloud services and are releasing security updates today to protect Windows customers against vulnerabilities affecting supported hardware chips from AMD, ARM and Intel. We have not received any information to indicate that these vulnerabilities had been used to attack our customers.”

Google

“As soon as we learned of this new class of attack, our security and product development teams mobilized to defend Google’s systems and our users’ data. We have updated our systems and affected products to protect against this new type of attack. We also collaborated with hardware and software manufacturers across the industry to help protect their users and the broader web. These efforts have included collaborative analysis and the development of novel mitigations.” (See proper right here, proper right here, proper right here and proper right here for added weblog posts from Google outlining their responses.)

DigitalOcean

“DigitalOcean has been actively investigating the Intel chip concern which was disclosed earlier proper this second. We’ve been working to gather as rather a lot knowledge as we are going to to assure our prospects keep protected. Intel sadly has not made it simple to get a full picture of the issue due to their knowledge embargo.

At this time we’re working beneath the concept this flaw will impression all of our prospects and we’re presuming that rebooting Droplets (a DigitalOcean cloud server) is likely to be necessary. We is likely to be providing superior notification to any and all prospects impacted as we be taught further.

This is a creating concern and we’re unable to forecast timeframes for implementing a restore proper now.”

(See DigitalOcean’s weblog submit for added particulars.)

Rackspace

“On 2 January 2018, Rackspace was made aware of a suspected Intel CPU construction vulnerability. The full extent and effectivity impression of this vulnerability and potential remediation are at current unknown as a result of the vulnerability has not however been publicly disclosed.

Our engineers are taking part with the appropriate vendors and reviewing the Rackspace environment and may take acceptable movement. Should actions which may impression purchaser environments be taken Rackspace will discuss to affected prospects.”

Should further responses develop to be accessible, we’ll proceed to substitute this textual content.